thr3ads.net - Secure testing commits - [Secure-testing-commits] r7161

If this information is useful, please help other people find it:
Share via:

nion at alioth.debian.org

2007-Oct-31 18:50 UTC

[Secure-testing-commits] r7161 - data/CVE

Author: nion
Date: 2007-10-31 18:50:52 +0000 (Wed, 31 Oct 2007)
New Revision: 7161

Modified:
   data/CVE/list
Log:
CVE-2007-5690 zaptel affected but not a real security issue in debian
CVE-2007-5689 fixed in sun-java6 6-03-1/sun-java5 1.5.0-13-1


Modified: data/CVE/list
==================================================================---
data/CVE/list	2007-10-31 18:18:24 UTC (rev 7160)
+++ data/CVE/list	2007-10-31 18:50:52 UTC (rev 7161)
@@ -34,9 +34,12 @@
 	- iceweasel 2.0.0.8-1 (low)
 	TODO: check other ice-*
 CVE-2007-5690 (Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1
might ...)
-	TODO: check
+	- zaptel <unfixed> (unimportant; bug #448763)
+	NOTE: zaptel does copy argv[1] into ifr_name but zaptel is not suid root or
something
+	NOTE: similar so this is no security issue in Debian even if sethdl-new will
segfault
 CVE-2007-5689 (The Java Virtual Machine (JVM) in Sun Java Runtime Environment
(JRE) ...)
-	TODO: check
+	- sun-java6 6-03-1 (medium)
+	- sun-java5 1.5.0-13-1 (medium)
 CVE-2007-5688 (Multiple SQL injection vulnerabilities in directory.php in the
...)
 	TODO: check
 CVE-2007-5687 (Multiple buffer overflows in the rich text processing
functionality in ...)

Secure testing commits - Oct 2007 - r7161 - data/CVE

[Secure-testing-commits] r7161 - data/CVE